package com.awanp3.nimbus.system.strategy.impl;

import cn.hutool.crypto.digest.BCrypt;
import cn.dev33.satoken.stp.StpUtil;
import cn.dev33.satoken.stp.parameter.SaLoginParameter;
import com.awanp3.nimbus.common.core.constant.HeaderConstants;
import com.awanp3.nimbus.system.domain.vo.LoginVo;
import com.awanp3.nimbus.system.domain.vo.SysClientVo;
import com.awanp3.nimbus.system.domain.vo.SysUserVo;
import com.awanp3.nimbus.system.form.PasswordLoginBody;
import com.awanp3.nimbus.system.properties.CaptchaProperties;
import com.awanp3.nimbus.system.service.ISysUserService;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import com.awanp3.nimbus.system.strategy.IAuthStrategy;
import com.awanp3.nimbus.system.strategy.SysLoginService;
import com.awanp3.nimbus.common.core.enums.LoginType;
import com.awanp3.nimbus.common.core.utils.ValidatorUtils;
import com.awanp3.nimbus.common.json.utils.JsonUtils;
import com.awanp3.nimbus.common.satoken.utils.LoginHelper;
import com.awanp3.nimbus.common.tenant.helper.TenantHelper;
import com.awanp3.nimbus.system.api.model.LoginUser;
import org.springframework.stereotype.Service;

/**
 * 密码认证策略
 *
 * @author 20014170
 */
@Slf4j
@Service("password" + IAuthStrategy.BASE_NAME)
@RequiredArgsConstructor
public class PasswordAuthStrategy implements IAuthStrategy {

    private final CaptchaProperties captchaProperties;

    private final SysLoginService loginService;

    private final ISysUserService sysUserService;

    @Override
    public LoginVo login(String body) {
        PasswordLoginBody loginBody = JsonUtils.parseObject(body, PasswordLoginBody.class);
        ValidatorUtils.validate(loginBody);

        String tenantId = loginBody.getTenantId();
        String username = loginBody.getUsername();
        String password = loginBody.getPassword();
        String code = loginBody.getCode();
        String uuid = loginBody.getUuid();

        SysClientVo client = loginService.checkClient(loginBody.getClientId(), loginBody.getGrantType());

        if (TenantHelper.isEnable()){
            loginService.checkTenant(tenantId);
        }
        // 验证码开关
        if (captchaProperties.getEnabled()) {
            loginService.validateCaptcha(tenantId, username, code, uuid);
        }
        LoginUser loginUser = TenantHelper.dynamic(tenantId, () -> {
            SysUserVo sysUserVo = sysUserService.selectUserByUserName(username);
            LoginUser user = loginService.buildLoginUser(sysUserVo);
            loginService.checkLogin(LoginType.PASSWORD, tenantId, username, () -> !BCrypt.checkpw(password, user.getPassword()));
            return user;
        });
        loginUser.setClientKey(client.getClientKey());
        loginUser.setDeviceType(client.getDeviceType());

        SaLoginParameter model = new SaLoginParameter();
        model.setDeviceType(client.getDeviceType());
        // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置
        // 例如: 后台用户30分钟过期 app用户1天过期
        model.setTimeout(client.getTimeout());
        model.setActiveTimeout(client.getActiveTimeout());
        model.setExtra(HeaderConstants.CLIENT_KEY, client.getClientId());
        // 生成token
        LoginHelper.login(loginUser, model);

        LoginVo loginVo = new LoginVo();
        loginVo.setAccessToken(StpUtil.getTokenValue());
        loginVo.setExpireIn(StpUtil.getTokenTimeout());
        loginVo.setClientId(client.getClientId());
        return loginVo;
    }

}
